4727106141
* fix: prevent race conditions in token operations and auth flows Backend: - Refresh token rotation: use atomic UPDATE...WHERE revoked_at IS NULL to prevent concurrent refresh requests from both succeeding - Account invite codes: SELECT FOR UPDATE to prevent double-spend - Platform invite codes: SELECT FOR UPDATE to prevent double-spend - Password reset tokens: SELECT FOR UPDATE to prevent double-use - Email verification tokens: SELECT FOR UPDATE to prevent double-use Frontend: - Token refresh subscriber arrays: swap before iterating so a throwing callback doesn't leave the queue in a dirty state Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: atomic counters, plan limit re-check, and double-submit guard Backend: - Tree usage_count: use SQL-level UPDATE (Tree.usage_count + 1) instead of Python-level increment to prevent lost updates under concurrency - Tag usage_count: same SQL-level atomic increment/decrement in both create_tree and update_tree (delete_tree already used this pattern) - Plan tree limit: re-check count after db.flush() to close the TOCTOU window where two concurrent creates could both pass the pre-check Frontend: - TreeEditorPage: add isSaving early-return guard inside handleSaveDraft and handlePublish callbacks so Ctrl+S can't bypass the button disabled prop and fire duplicate save requests Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: prevent stale API responses from overwriting newer data - SessionHistoryPage: move loadSessions into effect with cancelled flag so rapid filter/tab changes discard outdated responses - TreeLibraryPage: add request ID ref to loadTrees so stale responses from previous filter selections are discarded - QuickStartPage: add request ID ref to debounced search so out-of-order responses don't overwrite newer search results Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * docs: add flexible intake design — deferred variables + prepared sessions Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Troubleshooting Decision Tree - Backend API
FastAPI backend for the Troubleshooting Decision Tree application.
Quick Start
1. Set up Python environment
cd backend
python -m venv venv
# Windows
venv\Scripts\activate
# macOS/Linux
source venv/bin/activate
pip install -r requirements.txt
2. Start PostgreSQL database
Using Docker:
docker-compose up -d
Or install PostgreSQL locally and create a database:
CREATE DATABASE decision_tree;
3. Configure environment
Copy the example env file and update as needed:
cp .env.example .env
4. Run database migrations
alembic upgrade head
5. Start the server
uvicorn app.main:app --reload --host 0.0.0.0 --port 8000
The API will be available at:
- API: http://localhost:8000
- Docs: http://localhost:8000/api/docs
- ReDoc: http://localhost:8000/api/redoc
API Endpoints
Authentication
POST /api/v1/auth/register- Register new userPOST /api/v1/auth/login- Login (form data)POST /api/v1/auth/login/json- Login (JSON body)POST /api/v1/auth/refresh- Refresh tokenGET /api/v1/auth/me- Get current userPOST /api/v1/auth/logout- Logout
Trees
GET /api/v1/trees- List all treesGET /api/v1/trees/categories- List categoriesGET /api/v1/trees/search?q=query- Search treesGET /api/v1/trees/{id}- Get specific treePOST /api/v1/trees- Create tree (engineer/admin)PUT /api/v1/trees/{id}- Update tree (engineer/admin)DELETE /api/v1/trees/{id}- Delete tree (admin)
Sessions
GET /api/v1/sessions- List user's sessionsGET /api/v1/sessions/{id}- Get specific sessionPOST /api/v1/sessions- Start new sessionPUT /api/v1/sessions/{id}- Update sessionPOST /api/v1/sessions/{id}/complete- Complete sessionPOST /api/v1/sessions/{id}/export- Export session
Development
Create new migration
alembic revision --autogenerate -m "description"
Run migrations
alembic upgrade head
Rollback migration
alembic downgrade -1
Project Structure
backend/
├── alembic/ # Database migrations
│ └── versions/
├── app/
│ ├── api/
│ │ ├── endpoints/ # API route handlers
│ │ ├── deps.py # Dependencies (auth, etc.)
│ │ └── router.py # Main router
│ ├── core/
│ │ ├── config.py # Settings
│ │ ├── database.py # DB connection
│ │ └── security.py # JWT, password hashing
│ ├── models/ # SQLAlchemy models
│ ├── schemas/ # Pydantic schemas
│ └── main.py # FastAPI app
├── tests/
├── alembic.ini
├── docker-compose.yml
├── requirements.txt
└── README.md